45 matches found
CVE-2026-40451
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user...
Malicious Package
Overview deepl-sync is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in deepl-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f09b2cb596d2186d9533b703e85192087a2722c8307c51428330658f1972c3a The package deepl-sync was found to contain malicious code. Source: ghsa-malware 901de6816216276cc07830e358c2cae608d89087dba87b4acf0562604011e504 Any...
MAL-2026-3745 Malicious code in deepl-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f09b2cb596d2186d9533b703e85192087a2722c8307c51428330658f1972c3a The package deepl-sync was found to contain malicious code. Source: ghsa-malware 901de6816216276cc07830e358c2cae608d89087dba87b4acf0562604011e504 Any...
DeepL Chrome browser extension vulnerable to cross-site scripting
Overview DeepL Chrome browser extension contains the following vulnerability. Cross-site scripting CWE-79 - CVE-2026-40451 This vulnerability was reported by the researchers below and JPCERT/CC coordinated with the developer. Junki Yuasa of Cybozu, Inc. reported this vulnerability to JPCERT/CC...
CVE-2026-40451
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user...
CVE-2026-40451
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user...
CVE-2026-40451
The CVE-2026-40451 entry affects the DeepL Chrome extension, specifically versions 1.22.0 through 1.23.0. It describes a cross-site scripting vulnerability that allows an attacker to execute arbitrary scripts in a user’s browser and inject malicious HTML into pages viewed by the user. The provide...
CVE-2026-40451
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user...
CVE-2026-40451
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user...
EUVD-2026-24605
DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user...
PT-2026-34249
Name of the Vulnerable Software and Affected Versions DeepL Chrome browser extension versions 1.22.0 through 1.23.0 Description A cross-site scripting flaw allows an attacker to execute arbitrary script in a user's browser and inject malicious HTML into web pages viewed by the user. Recommendatio...
DeepL for Chrome 跨站脚本漏洞
DeepL for Chrome is an open-source translation extension for the Chrome browser developed by DeepL. Versions 1.22.0 to 1.23.0 of DeepL for Chrome contain a cross-site scripting vulnerability. This vulnerability allows attackers to execute arbitrary scripts in the user’s browser and inject malicio...
EUVD-2022-43050
Malicious code in bioql PyPI...
EUVD-2023-31222
Malicious code in bioql PyPI...
EUVD-2023-50822
Malicious code in bioql PyPI...
CVE-2023-46620
Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.3.9.1 versions...
CVE-2023-27446
Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.1.4 versions...
CVE-2022-3691
The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive information including the DeepL API key in files that are publicly accessible to an external, unauthenticated visitor...
CVE-2023-27446
Cross-Site Request Forgery CSRF vulnerability in Fluenx DeepL API translation plugin = 2.1.4 versions...